CORS ERROR ALREADY ENABLED CORS ON API GATEWAY
The Amazon API Gateway is an AWS application built to build, upload, manage, track and protect REST, HTTP, and WebSocket APIs on any size. As well as data stored in the AWS Cloud, Application developers can build Applications that control AWS or other cloud resources. As a developer of API Gateway APIs, you can build APIs for use of your own client applications. Or you can make the APIs visible to the device of the developers from third parties.
Why we need an API Gateway?
When you set up your web server and expose it to the internet, you are putting your server at risk of hacked by anyone.
What is CORS?
But first, let’s establish a few definitions. What is CORS anyway? CORS stands for Cross-Origin Resource Sharing, and it’s a protocol that allows servers to receive requests from different domains. To understand why CORS is necessary, it first helps to understand why it would be a problem to make a request from one domain to another in the first place.
When we talk about cross-origin requests, we’re usually talking about requests from one domain or subdomain to a different domain or subdomain. But different protocols (for example HTTP vs HTTPS) or different ports can also constitute different origins.
The same-origin policy mainly comes into play when using methods like fetch or XMLHttpRequest to make an AJAX request. If you’re running a script on domain-one.com that calls out to a resource that’s also located on domain-one.com, you’re in the clear. But what if the resource you need is located on domain-two.com? Unless domain-two.com has enabled CORS to give domain-one.com permission to access its resources, the request will be blocked.
When we run the script, we see the familiar CORS error, indicating that the request was blocked:
Steps were taken to resolve the cors error
The internal interface in the API Gateway of a WebSocket API route or REST API process, where you map the status codes, headers, and payload obtained from the backend to the address format returned to a client device.
CORS HTTP response headers
The following headers are available to configure CORS access on your server:
Access-Control-Allow-Headers edited and make it to ‘*’
Then Deploy API
Click on Deploy
Thanks to all my readers and I hope I will come back with a more interesting topic.😎